Samizdata » Securityhttp://www.samizdata.net
A blog for people with a critically rational individualist perspectiveSun, 02 Aug 2015 16:19:22 +0000en-UShourly1http://wordpress.org/?v=4.2.3Criminal identificationhttp://www.samizdata.net/2006/01/criminal-identification/
http://www.samizdata.net/2006/01/criminal-identification/#commentsSat, 28 Jan 2006 19:04:19 +0000http://192.168.200.139/?p=8528Bureaucrats only expect compliance under threat of punishment. Other people will figure out, even if only by trial and error, how to break any system at its weakest points. See Kevin Mitnick on ‘social engineering’, or–if you are the sort of authoritarian who won’t listen to a felon but is impressed by prizes and tenure–any anecdote by Richard Feinman. I can also thoroughly recommend this post by edjog of the Distreputable Lazy Aliens website:

I don’t usually go into much detail about offences I committed whilst in active addiction, for a number of reasons which are beyond the scope of ...continue Criminal identification]]>

Bureaucrats only expect compliance under threat of punishment. Other people will figure out, even if only by trial and error, how to break any system at its weakest points. See Kevin Mitnick on ‘social engineering’, or–if you are the sort of authoritarian who won’t listen to a felon but is impressed by prizes and tenure–any anecdote by Richard Feinman. I can also thoroughly recommend this post by edjog of the Distreputable Lazy Aliens website:

I don’t usually go into much detail about offences I committed whilst in active addiction, for a number of reasons which are beyond the scope of this post but, with the UK Government’s headlong rush toward ID Cards seemingly based in much part around the notion that such a scheme will reduce crime, it seems appropriate. I’ve been prosecuted for what I’m about to talk about anyway: paid my debt to society and no longer commit crime. You don’t think a self-confessed law-breaker has anything relevant to say about this issue? Fine: bury your head in the sand; it’s your taxes paying for the scheme.

The author has kindly offered NO2ID syndication rights, so any magazines interested in new angles on the lamentable scheme for a non-webical audience should get in touch.

]]>http://www.samizdata.net/2006/01/criminal-identification/feed/0Putting the pan into Panopticonhttp://www.samizdata.net/2005/05/putting-the-pan-into-panoptico/
http://www.samizdata.net/2005/05/putting-the-pan-into-panoptico/#commentsThu, 19 May 2005 11:55:30 +0000http://192.168.200.139/?p=7566Rob Fisher blogs about Monday’s USA Today front page a story about a new X-Ray machine for use in airports that can see through clothing. The machine apparently generates images that, “paint a revealing picture of a person’s nude body”.

He points out that the article does not even touch on the need for such machines.

Are not current metal detectors adequate for preventing people from getting on an aeroplane with firearms?

If an airline says it wants me to walk through this machine as a condition of getting on one of their planes, that is one thing: it’s ...continue Putting the pan into Panopticon]]>

Rob Fisher blogs about Monday’s USA Today front page a story about a new X-Ray machine for use in airports that can see through clothing. The machine apparently generates images that, “paint a revealing picture of a person’s nude body”.

He points out that the article does not even touch on the need for such machines.

Are not current metal detectors adequate for preventing people from getting on an aeroplane with firearms?

If an airline says it wants me to walk through this machine as a condition of getting on one of their planes, that is one thing: it’s a private company deciding that this is a necessary measure to protect its customers or keep down its insurance costs. It’s their aircraft, they can quite rightly refuse to allow on anyone they feel like for whatever reason.

But if the government mandates the use of these machines, then that’s the government forcing airlines and airports into doing something they and their passengers likely don’t want to do. It’s governments yet again abusing their power to achieve nothing of value to anyone except politicians who want to look like they’re doing something useful.

Soon after 9/11, Britain introduced draconian anti-terrorist legislation that included the power to imprison suspected terrorists without trial. It required an abrogation of human rights laws, and was a denial of habeas corpus: but the argument was that in some cases, producing evidence in a trial might expose secret sources or prejudice the lives and safety of the security services and their informers.

Not surprisingly, the High Court objected. So last week, Britain’s Home Secretary, Charles Clarke, replied that instead of detaining suspects in prison, he would keep them under ...continue Terror suspects: let judges decide]]>

Soon after 9/11, Britain introduced draconian anti-terrorist legislation that included the power to imprison suspected terrorists without trial. It required an abrogation of human rights laws, and was a denial of habeas corpus: but the argument was that in some cases, producing evidence in a trial might expose secret sources or prejudice the lives and safety of the security services and their informers.

Not surprisingly, the High Court objected. So last week, Britain’s Home Secretary, Charles Clarke, replied that instead of detaining suspects in prison, he would keep them under house arrest, bar them using the internet and mobile phones, and so on.

Home Office ministers said we shouldn’t worry about this, because nice Mr Clarke would keep all such detentions under constant review. And because it only applies to international terrorists. But then other ministers said it might apply to animal rights campaigners too, since they were pretty dangerous characters. Err…where is this going to end?

Sure, a liberal order must protect itself from those who would destroy liberalism itself. And maybe, at times, you have to act illiberally to do that. But you should still act according to the rule of law. If there is evidence, it should be produced in court. If the evidence is too sensitive to be made public, then it should be heard in private before qualified judges. At the moment we are jailing people, and soon we will be imprisoning them in their homes, on the say-so of a politician. That is scary.

]]>http://www.samizdata.net/2005/02/terror-suspects-let-judges-dec/feed/4Building wallshttp://www.samizdata.net/2004/07/building-walls/
http://www.samizdata.net/2004/07/building-walls/#commentsTue, 13 Jul 2004 11:20:51 +0000http://192.168.200.139/?p=6364The War on Terror, like any war, provides the opportunity for certain technologies to be developed at an accelerated pace. The problem is that we seem to depend on the rather glib assertion that without freedom there is no prosperity. This is fine so long as government is concerned with prosperity. But how long do people have to wait in societies where an élite puts the power to rule ahead of prosperity? As George Orwell put it in Hommage to Catalonia: “We don’t grasp it’s [totalitarianism’s] full implications, because in our mystical way we feel that a régime founded on ...continue Building walls]]>The War on Terror, like any war, provides the opportunity for certain technologies to be developed at an accelerated pace. The problem is that we seem to depend on the rather glib assertion that without freedom there is no prosperity. This is fine so long as government is concerned with prosperity. But how long do people have to wait in societies where an élite puts the power to rule ahead of prosperity? As George Orwell put it in Hommage to Catalonia: “We don’t grasp it’s [totalitarianism’s] full implications, because in our mystical way we feel that a régime founded on slavery must collapse. But it is worth comparing the duration of the slave empires of antiquity with that of any modern state. Civilisations founded on slavery have lasted for such periods as four thousand years.”

Chemical detectors may provide, by the way, the greatest advance in counter-insurgent capabilities. Biochips will make it possible for self-directed UAVS to seek out explosives, including those used in small arms, and chemical and biological agents. They will also enable the identification and tracking of thousands or even millions of individuals in a monitored area based on their “smell.” It is inevitable that military and police agencies will be able to monitor and create detailed and exhaustive virtual records of any location, whether it is along a security barrier or the entire town of Fallujah. If insurgents are not prevented from carrying out attacks, they will be backtracked in a recorded virtual world and then, when identified, arrested or eliminated remotely using smart weapons along the lines of Frank Herbert’s flying hypodermics. Even those who plant bombs or send and equip suicide bombers will be vulnerable to detection and removal.

There will, of course, be enormous privacy concerns as these technologies come online, and guerrillas/terrorists will do their best to use off-the-shelf products to stay in the tech arms race. It should also be pointed out that tyrants will enjoy many of the same advantages that democracies have over insurgents, and their ability to transfer tech capabilities to third parties constantly seeking to “hack” our system will remain a critical security concern.

History has shown, however, that the conditions needed for real tech innovation exist in direct proportion to the degree of freedom enjoyed by a populace. Democracies with relatively free markets, like the United States and Israel, will therefore accrue increasingly important advantages over those that would replace liberty with coercion. What is not clear, however, is to what extent free societies will allow the use of these technologies to counter Islamists and other advocates of tyranny, both domestically and internationally.

John Robb, author: Warfare is changing to an attack on critical points in infrastructures to create damage far beyond the cost of an attack. Al Qaeda sees the West as a system that it must attack on a distributed basis to make the most of its limited resources.

How do you fight these folks? Looking at the size of these networks, what is characteristic of al Qaeda and affiliated organizations looks like a crime network combined with traditional terror. They have mastered terrorist ...continue The age of distributed threat]]>

John Robb, author: Warfare is changing to an attack on critical points in infrastructures to create damage far beyond the cost of an attack. Al Qaeda sees the West as a system that it must attack on a distributed basis to make the most of its limited resources.

How do you fight these folks? Looking at the size of these networks, what is characteristic of al Qaeda and affiliated organizations looks like a crime network combined with traditional terror. They have mastered terrorist best practices and that has allowed him to unplug the organization from nation-states, which subverts the nation-state system itself. Al Queda is in a new zone. They have no restrictions on behavior.

A distributed problem has to have a distributed response.

Exactly, and that is one of the central arguments of White Rose, if you address a distributed threat such as terrorism by tightening and establishing centrally imposed and managed security, you will produce a sense of false security and ‘crowd out’ the only distributed security – the individual and in the society.

]]>http://www.samizdata.net/2004/07/the-age-of-distributed-threat/feed/1America’s Flimsy Fortresshttp://www.samizdata.net/2004/03/americas-flimsy-fortress/
http://www.samizdata.net/2004/03/americas-flimsy-fortress/#commentsTue, 09 Mar 2004 23:35:09 +0000http://192.168.200.139/?p=5697Bruce Schneier has a view essay in Wired about how all the money spent on security to turn the country into a fortress may make us feel better, but it doesn’t make us any safer. As most readers of this blog will know, Bruce Schneier is CTO of Counterpane Internet Security and author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World.

Many of the security measures we encounter on a daily basis aim pinpoint the bad guys by treating everyone as a suspect. The Department of Homeland Security counts on technology to come to our rescue: databases ...continue America’s Flimsy Fortress]]>

Bruce Schneier has a view essay in Wired about how all the money spent on security to turn the country into a fortress may make us feel better, but it doesn’t make us any safer. As most readers of this blog will know, Bruce Schneier is CTO of Counterpane Internet Security and author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World.

Many of the security measures we encounter on a daily basis aim pinpoint the bad guys by treating everyone as a suspect. The Department of Homeland Security counts on technology to come to our rescue: databases to track suspected terrorists, facial recognition to spot them in airports, artificial intelligence to anticipate plots before they unfold. But that creates a problem similar to the one you see when airport security screeners waste their time frisking false alarms. Terrorists are so rare that any individual lead is almost certainly a false one. So billions of dollars are wasted with no assurance that any terrorist will be caught. When an airport screener confiscates a pocketknife from an innocent person, security has failed.

…

Security always involves compromises. As a society we can have as much protection as we want, as long as we’re willing to sacrifice the money, time, convenience, and liberties to get it. Unfortunately, most of the government’s measures are bad trade-offs: They require significant sacrifices without providing much additional safety in return. And there’s far too much “security theater” – ways of making people feel safer without actually improving anything.

A lone (or so it often seems) voice of sanity and common sense – just what I needed to get me through today…

]]>http://www.samizdata.net/2004/03/americas-flimsy-fortress/feed/0Airline passenger screening system faces delayshttp://www.samizdata.net/2004/02/airline-passenger-screening-sy/
http://www.samizdata.net/2004/02/airline-passenger-screening-sy/#commentsFri, 13 Feb 2004 10:00:16 +0000http://192.168.200.139/?p=5554The General Accounting Office warned today that the Transportation Security Administration’s high-tech system to screen airline passengers for terrorist connections faces significant testing and deployment delays, which could affect the program’s ultimate success. According to a report by the GAO, the TSA has not only fallen behind in testing the new Computer-Assisted Passenger PreScreening System (CAPPS II), but also has yet to fully identify all of the functions it would like the system to perform. In addition, the TSA has not yet completed work on at least seven key technical challenges that could stand in the way of the system’s ...continue Airline passenger screening system faces delays]]>The General Accounting Office warned today that the Transportation Security Administration’s high-tech system to screen airline passengers for terrorist connections faces significant testing and deployment delays, which could affect the program’s ultimate success.
According to a report by the GAO, the TSA has not only fallen behind in testing the new Computer-Assisted Passenger PreScreening System (CAPPS II), but also has yet to fully identify all of the functions it would like the system to perform. In addition, the TSA has not yet completed work on at least seven key technical challenges that could stand in the way of the system’s final deployment.

These issues, if not resolved, pose major risks to the successful deployment and implementation of CAPPS II.

There are other significant issues facing U.S. airport security, according to a former top Israeli airport security official and the director of security at Virgin Atlantic Airlines. According to these officials, who spoke Tuesday during an online Terror and Technology conference sponsored by IDPartners LLC, the U.S. runs a major risk by focusing too much on information technology and other high-tech solutions to uncover terrorist plots against airports and airlines.

Rafi Ron, president of New Age Security Solutions and the former head of security at Ben Gurion Airport in Tel Aviv explains that the terrorist threat against airlines is a relatively new experience in the U.S.

There is a tendency to solve problems through the use of technological means. Focusing on technology sometimes makes you lose your overall perspective. That can lead to unbalanced planning, unbalanced investment and misuse of funds.

Rather than rely on IT systems for the bulk of security monitoring, Ron said airport authorities should use personnel training programs in behavior pattern recognition, which has been highly successful in Israel.

Behavior analysis can fill the gap of a purely technological approach. Technology is not yet good enough to provide us with a 100% solution.

]]>http://www.samizdata.net/2004/02/airline-passenger-screening-sy/feed/0The fish that threatened national securityhttp://www.samizdata.net/2004/02/the-fish-that-threatened-natio/
http://www.samizdata.net/2004/02/the-fish-that-threatened-natio/#commentsMon, 02 Feb 2004 23:08:20 +0000http://192.168.200.139/?p=5472College student Lara Hayhurst was not prepared to let officials treat her little pet like Osama ‘fin’ Laden… Forgive the pun but the story is quite funny, well, mainly because she got away with it. ]]>College student Lara Hayhurst was not prepared to let officials treat her little pet like Osama ‘fin’ Laden… Forgive the pun but the story is quite funny, well, mainly because she got away with it.
]]>http://www.samizdata.net/2004/02/the-fish-that-threatened-natio/feed/0Disaster plans due to be unveiledhttp://www.samizdata.net/2004/01/disaster-plans-due-to-be-unvei/
http://www.samizdata.net/2004/01/disaster-plans-due-to-be-unvei/#commentsWed, 07 Jan 2004 16:58:10 +0000http://192.168.200.139/?p=5319The BBC reports that planned new powers for dealing with a major terrorist attack and other big emergencies are unveiled today. Ministers have already published drafts of the new laws, which were criticised by an influential committee of MPs and peers for putting human rights at risk.

They fear that unless the Civil Contingencies Bill contains suitable constraints its powers could be abused by a future government. Civil rights campaigners want the new powers to be more strictly defined.

Summary of key power in draft bill: Ministers will be able to bypass Parliament to make emergency regulations Police ...continue Disaster plans due to be unveiled]]>

The BBC reports that planned new powers for dealing with a major terrorist attack and other big emergencies are unveiled today. Ministers have already published drafts of the new laws, which were criticised by an influential committee of MPs and peers for putting human rights at risk.

They fear that unless the Civil Contingencies Bill contains suitable constraints its powers could be abused by a future government. Civil rights campaigners want the new powers to be more strictly defined.

Summary of key power in draft bill:

Ministers will be able to bypass Parliament to make emergency regulations

Police will be able to ban public gatherings, impose curfews, seize property

The Human Rights Act could be suspended

A parliamentary committee set up to look at the plans said they had “potentially dangerous flaws”. The Committee chairman Lewis Moonie said his main concern was over human liberty and rights because the terms used in the bill were “too vague”.

The basis under which the government could take these powers to itself – the way in which government defines an emergency – I think is the first concern. If they listen to us, as I’m pretty sure they will, they should have changed the terms on which this is done and made it much more explicit how they take these powers in the first place.

Dr Moonie, a former defence minister warns:

We should not put such power into the hands of anybody without suitable constraints.

Truer words are rarely spoken by politicians.

Full text of the civil contingencies bill here (pdf). Via the Guardian.

Whenever the authorities try and vote themselves greater powers, there is a need to be cautious and sceptical. By reinstating the courts’ powers to consider human right abuses under these laws, the government has made an important concession.

The concessions made by the government in no way change the fundamental objections to this Bill. The powers available to the government and state agencies would be truly draconian. Cities could be sealed off, travel bans introduced, all phones cut off, and websites shut down. Demonstrations could be banned and the news media be made subject to censorship. New offences against the state could be “created” by government decree. This is Britain’s Patriot Act, at a stroke democracy could be replaced by totalitarianism.

]]>http://www.samizdata.net/2004/01/disaster-plans-due-to-be-unvei/feed/0Mr Blog asks the right question but gets the wrong answerhttp://www.samizdata.net/2003/10/mr-blog-asks-the-right-questio/
http://www.samizdata.net/2003/10/mr-blog-asks-the-right-questio/#commentsThu, 09 Oct 2003 14:37:46 +0000http://192.168.200.139/?p=4726Cards on the table. The bosses of this blog are out of town, and although they may be able to stick stuff up here from time to time, they may be distracted. I’m one of the people they hope will keep things buzzing in their absence. So I googled a few obvious things like “surveillance” and “privacy” and got little that was new, and then I tried “Freedom versus Security”, and got to this piece at Mr Blog, from way back in August.

Cards on the table. The bosses of this blog are out of town, and although they may be able to stick stuff up here from time to time, they may be distracted. I’m one of the people they hope will keep things buzzing in their absence. So I googled a few obvious things like “surveillance” and “privacy” and got little that was new, and then I tried “Freedom versus Security”, and got to this piece at Mr Blog, from way back in August.

Mr Blog has this to say on the matter:

Defining the debate as “freedom versus security” circumvents the question of whether the various proposals, in fact, improve security. Where is the evidence for this assumption that any of these measures can help ensure security?

He then attacks various supposed US security measures on cost effectiveness grounds. This critique is good as far as it goes. Indeed we do not want to hand on to our grandchildren a society bankrupted by a million futile security measures which weren’t. That’s true.

But I think Mr Blog is making a fundamental error of omission here. The really big consequence of framing things as “freedom versus security” is to smuggle past you the notion that “freedom” can never ever be any good for “security”. Yet plainly it can.

If the populus is numbed into a state of brainless inertia by laws that take away their freedom, and which simultaneously promise to create security, then a major source of security, in the form of individuals protecting themselves and each other, may be switched off, and by the very measures which were supposedly going to make us all more secure. The “cost” of “security” measures isn’t only that they cost us a ton of money, or even that they cost us freedom. What if, by costing us freedom, they also reduce security? That’s the biggest problem with framing this argument as “freedom versus security”.

As I have probably said here before, this debate reminds me of the Economic Calculation debate of a hundred years ago, and Mr Blog is just like one of those anti-economic-planning grumblers of days gone by who complained that planning would be more of a muddle and less of a spur to prosperity than pro-planners fancied, and that it would eat up our freedoms to insufficiently good effect. But that was to miss the vital point about prosperity, which was that in order to get it, you had to have freedom. No freedom, no prosperity.

What if security is the same? No freedom, no security. I think it is, and I think that’s true. And I want some latter day Von Mises to write a huge book which proves it.

Mr Blog’s error is all the more distressing because he frames the question so clearly.

]]>http://www.samizdata.net/2003/10/mr-blog-asks-the-right-questio/feed/4Safe and free?http://www.samizdata.net/2003/08/safe-and-free/
http://www.samizdata.net/2003/08/safe-and-free/#commentsWed, 20 Aug 2003 10:16:06 +0000http://192.168.200.139/?p=4289The BBC reports that US Attorney General John Ashcroft has launched a strident defence of the controversial Patriot Act, saying it was the government’s responsibility to defend Americans in any way it could.

Mr Ashcroft highlighted support for the Patriot Act given earlier by members of Congress and the website lists quotations from members of both parties supporting the legislation, almost wholly dating back to October 2001 when it was introduced.

But since then dozens of cities and counties across the country have approved resolutions criticising the Patriot Act and various lawsuits have been brought to declare it ...continue Safe and free?]]>

The BBC reports that US Attorney General John Ashcroft has launched a strident defence of the controversial Patriot Act, saying it was the government’s responsibility to defend Americans in any way it could.

Mr Ashcroft highlighted support for the Patriot Act given earlier by members of Congress and the website lists quotations from members of both parties supporting the legislation, almost wholly dating back to October 2001 when it was introduced.

But since then dozens of cities and counties across the country have approved resolutions criticising the Patriot Act and various lawsuits have been brought to declare it unconstitutional.

Even the Republican-led House of Representatives has become involved in recent weeks, striking down “sneak-and-peek” rules which allowed government agents to search private property without telling the owner.

Other controversial areas – such as agents being allowed to scrutinise people’s library records without showing what crime they believe could be being committed – still stand despite challenges.

Now I happen to have a lot against Bush … besides the fact that I did not vote for him in 2000 and the only good thing I could think of to say about him then was that at least he wasn’t Al Gore.

I don’t think highly of his handling of national security – within the United States – that is, this ridiculous bureaucratic monstrosity called Homeland Security, headed by that total jerk Ridge. (What’s that matter with Ridge? Well, here’s just one thing, but it shows how wrong ...continue Homeland Security is looking for other things to do]]>

Now I happen to have a lot against Bush … besides the fact that I did not vote for him in 2000 and the only good thing I could think of to say about him then was that at least he wasn’t Al Gore.

I don’t think highly of his handling of national security – within the United States – that is, this ridiculous bureaucratic monstrosity called Homeland Security, headed by that total jerk Ridge. (What’s that matter with Ridge? Well, here’s just one thing, but it shows how wrong he is … He wants to use Homeland Security to track down child porn peddlers and Internet perverts. My goodness, how could there be anything wrong with that? Well, what does that have to do with national security? We have a multiplicity of police forces to handle ordinary crimes. Homeland Security was supposed to be about protecting us from terrorists, you know, 9/11 … So if the terrorist problem is so under control that he has to go looking for other jobs to keep his minions busy, well let’s just save a few billion dollars and dissolve his agency instead.)

Indeed, but that of course is not how these things work. Once an “agency” is set up, it mmediately goes looking for other stuff to do as well, and hence in the fullness of time, potentially, instead.

Principles, once conceded in one policy area immediately go wandering, often in the form of the very agency that embodies the original concession.